# tailscale WireGuard-based Software-Defined Mesh Network for Remote Access - Alternative to traditional VPNs - [Official Documentation](https://tailscale.com/kb/1346/start) A plug-in is currently being developed for OPNsense, and is in testing phases. # Installation + Config Installing Tailscale is made simple with OPNsense, and only 2 items are required to successfully install the service: 1. Console Access to router (SSH) 2. Internet Connection SSH into your OPNsense router console, enter "8" to select the shell option. Then run the command to download or update the ports tree: [![console.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/38lzJ8m9N4nvMzI9-console.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/38lzJ8m9N4nvMzI9-console.png) ``` opnsense-code ports ``` Run it twice to make sure the most current and up-to-date version is downloaded. Then change directories and run the command to install Tailscale: [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/jAp3e33DnoJrRcVz-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/jAp3e33DnoJrRcVz-image.png) ``` cd /usr/ports/security/tailscale make install ``` Run the following commands to enable the tailscaled service and check for the version to ensure its installed: ``` service tailscaled enable service tailscaled start ``` Check version with: ``` tailscale version ``` [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/16mdbxbQILqzPSPZ-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/16mdbxbQILqzPSPZ-image.png) Run the command to add the OPNsense router as a node on your tailnet: ``` tailscale up ``` The output will provide you an authentication link to enter in your browser Open your OPNsense router Web GUI to assign the interface and lock it to prevent removal: [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/RhBfZL40Buh7iUtp-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/RhBfZL40Buh7iUtp-image.png) Your installation of tailscale is complete! Your next step should be to set up port mapping. See next page # Port Mapping With your tailscale installation complete, set up port mapping to allow access to certain devices. If you want to allow access to an entire subnet, you can do this through the admin console for tailscale in the "Edit route settings" section: [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/7dErL8ooevp3Z04I-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/7dErL8ooevp3Z04I-image.png) I've enabled access to both my LAN and homeLAB subnet: [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/YdjlGDgIOo7mvn8q-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/YdjlGDgIOo7mvn8q-image.png) Additionally, an alternative to static port mapping would be to enable Universal Plug and Play. To do this, download the Universal Plug and Play plug in via OPNsense --->Firmware ---> Plug-Ins and enable the settings. All set! See next page to view my connection results! # Successful Connection To test my connection, I went to my University library and tried to connect to my tailnet. As you can see below, I was able to ping my router gateway while connected to my University WiFi: [![connection-ping.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/QJipFj1VttQqAAP5-connection-ping.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/QJipFj1VttQqAAP5-connection-ping.png) [![toolbar-connected.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/6p41S62UyB7CGQhD-toolbar-connected.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/6p41S62UyB7CGQhD-toolbar-connected.png) To update Tailscale, run the following commands: ``` cd /usr/ports/security/tailscale make deinstall ``` [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/YwcU5N31KHy7oJb5-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/YwcU5N31KHy7oJb5-image.png) ``` make clean ``` [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/v6tgTE53V3LFmRpl-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/v6tgTE53V3LFmRpl-image.png) ``` make install ``` Installation may take some time. After clean installation, restart the service: ``` service tailscaled restart ``` Check the version to confirm update: ``` tailscale version ``` [![image.png](https://austinhomelabs.com/uploads/images/gallery/2024-04/scaled-1680-/JsFvZIxLp5em47O2-image.png)](https://austinhomelabs.com/uploads/images/gallery/2024-04/JsFvZIxLp5em47O2-image.png)